SHI Cyberattack Timeline and Malware Recovery Details | #cybersecurity | #cyberattack


SHI International is striving to recover from a cyberattack that occurred over the July 4th holiday weekend, the MSP and IT solutions provider has disclosed.

SHI, founded in 1989, supports 15,000 technology partners. The company, based in Somerset, New Jersey, has more than 5,500 employees, according to LinkedIn. SHI’s areas of expertise include e-commerce, fulfillment and IT asset management solutions, along with hybrid data center and storage solutions.

SHI Cyberattack Disclosure and Timeline

Here’s a timeline tracking the SHI cyberattack and recovery efforts:

  • July 4 Holiday Weekend, 2022: Hackers launch “coordinated and professional” malware attack against SHI.
  • July 6, 2022: SHI discloses the attack, starting that the “incident was swiftly identified and measures were enacted to minimize the impact on SHI’s systems and operations.” SHI staff email has been restored, though the company’s website remains offline. Also, customers have full access to their account teams and specialists via both email and phone. There is no that customer data was accessed, and no third-party supply chain systems were hit, the company believes.
  • July 7, 2022: The SHI website remains offline.
  • July 8, 2022, 8:00 a.m. ET: The SHI website remains offline. The company’s LinkedIn and Twitter feeds have not been updated since the July 6 attack disclosure.

SHI Cyberattack Investigation Details: SHI is working with the FBI and CISA (Cybersecurity & Infrastructure Security Agency) to investigate the attack. The company did not say whether it has hired an MSSP, MDR or cyber forensics service provider to assist the investigation and recover. Also, SHI did not disclose if the attack involved ransomware, nor did the company say if it knew the name of the attacker.

Hackers, Ransomware Continue to Target MSPs

Amid continued attacks against MSPs, the Cybersecurity and Infrastructure Security Agency (CISA), working with partners worldwide, in May 2022 issued a Cybersecurity Advisory (CSA). That CSA is designed to help MSPs protect themselves and customers from supply chain cyberattacks and other digital threats.

The advisory describes 12 steps that MSPs can take to safeguard their businesses and end-customer systems. The advisory was developed by UK, Australian, Canadian, New Zealand, and U.S. cybersecurity authorities, the CISA indicated.



Original Source link

Leave a Reply

Your email address will not be published.

+ twenty nine = thirty six